Sami Farin

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.13-rc4-next-20131218 **Description** A race condition exists in the ldsem cmpxchg function, allowing local users to cause a denial of service. This can lead to a deadlock between ldsem down read and ldsem down write by establishing a new tty thread during the shutdown of a previous tty thread. **Recommendations** For Linux kernel versions prior to 3.13-rc4-next-20131218, update to version 3.13-rc4-next-20131218 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** gnucash versions 2.0.4 and earlier **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. **Recommendations** For gnucash versions 2.0.4 and earlier, consider restricting access to the temporary files gnucash.trace, qof.trace, and qof.trace.[PID] to prevent a symlink attack until a patch is available.